Miscellaneous questions

David Shaw dshaw at jabberwocky.com
Wed Apr 16 14:41:15 CEST 2008

On Wed, Apr 16, 2008 at 10:46:08AM +0200, Christoph Anton Mitterer wrote:

> > Arguing "GnuPG should support a nonconformant extension to the spec" is
> > probably not going to get much of anywhere.

> > > But I'd like to know it this leads to improved security or not:
> Specs are moving,... and implementations do so, too. And as others have
> already pointed out, there are several places where gpg is
> non-conformant (or at least doesn't care about some SHOULDs), e.g. it
> allows you to export non-exportable signatures.

I was pretty much getting out of this thread as non-useful, but I have
to comment on this.  It's not true.  GPG does not export
non-exportable signatures.

You can choose to configure GPG to do so, but this is not default
behavior, and does not enable you to do anything you couldn't do by
just copying the keyring around.


More information about the Gnupg-users mailing list